<?php
/*
  ===========================================================================
  index.php - HollandscheMeesters

  naam: Mamadou Diallo
  Author   : LimeLight B.V., 2012, http://www.thelimelight.nl/
  ===========================================================================
 */

// LOGIN MODULE
//Start session
session_start();
include_once('../controller/includes/db_access.php');


if (isset($_POST['actType']) && ($_POST['actType'] == 'check')) {
    // start een sessie of zet een sessie voort
	//Include database connection details
	//require_once('config.php');
	
	//Array to store validation errors
	$errmsg_arr = array();
	
	//Validation error flag
	$errflag = false;
	
	
	//Function to sanitize values received from the form. Prevents SQL injection
	function clean($str) {
		$str = @trim($str);
		if(get_magic_quotes_gpc()) {
			$str = stripslashes($str);
		}
		return mysql_real_escape_string($str);
	}
	
	//Sanitize the POST values
	$login = clean($_POST['myusername']);
	$password = clean($_POST['mypassword']);
	
	//Input Validations
	if($login == '') {
		$errmsg_arr[] = 'Login ID missing';
		$errflag = true;
	}
	if($password == '') {
		$errmsg_arr[] = 'Password missing';
		$errflag = true;
	}
	
	//If there are input validations, redirect back to the login form
	if($errflag) {
            
		$_SESSION['ERRMSG_ARR'] = $errmsg_arr;
		session_write_close();
		header("location: index.php");
		exit();
	}
	
	//Create query
	$qry="SELECT * FROM adm_acs WHERE username='$login' AND password='".md5($_POST['mypassword'])."'";
	$result=mysql_query($qry);
	
	//Check whether the query was successful or not
	if($result) {
		if(mysql_num_rows($result) == 1) {
			//Login Successful
			session_regenerate_id();
			$member = mysql_fetch_assoc($result);
			$_SESSION['SESS_MEMBER_ID'] = $member['member_id'];
			$_SESSION['SESS_FIRST_NAME'] = $member['firstname'];
			$_SESSION['SESS_LAST_NAME'] = $member['lastname'];
			session_write_close();
			header("location: member-index.php");
			exit();
		}else {
			//Login failed
			header("location: login-failed.php");
			exit();
		}
	}else {
		die("Query failed");
	}
        
        }
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Login db me</title>
<style>
body
{
background-color:#fff;
}
#login_box .input
{
background-color: #FFFFFF;
    border: 1px solid #CCCCCC;
    border-radius: 3px 3px 3px 3px;
    color: #555555;
    display: inline-block;
    font-size: 13px;
    height: 18px;
    line-height: 18px;
    margin-bottom: 9px;
    padding: 4px 4px 4px 23px;
    width: 210px;
}
.btn
{
-moz-border-bottom-colors: none;
    -moz-border-image: none;
    -moz-border-left-colors: none;
    -moz-border-right-colors: none;
    -moz-border-top-colors: none;
  background-color: #DA4F49;
    background-image: -moz-linear-gradient(center top , #EE5F5B, #BD362F);
    background-repeat: repeat-x;
    border-color: #E6E6E6 #E6E6E6 #B3B3B3;
    border-radius: 4px 4px 4px 4px;
    border-style: solid;
    border-width: 1px;
    box-shadow: 0 1px 0 rgba(255, 255, 255, 0.2) inset, 0 1px 2px rgba(0, 0, 0, 0.05);
    color: #fff;
    cursor: pointer;
    display: inline-block;
    font-size: 13px;
    line-height: 18px;
    margin-bottom: 0;
    padding: 4px 10px;
    text-align: center;
    text-shadow: 0 1px 1px rgba(255, 255, 255, 0.75);
    vertical-align: middle;
    float:right;
}
#login_box
{
padding:60px 30px 30px 30px;
border:solid 1px #dedede;
width:238px;
background-color:#fcfcfc;
margin-top:70px;

}
#img_box
{
   background-color: #FFFFFF;
    border: 1px solid #DEDEDE;
   
   
    margin-left: 77px;
    margin-top: -108px;
    position: absolute;
    width: 86px;
 height: 86px;
}
.user
{
background:url(icons/user.png) 4px no-repeat ;
}
.passcode
{
background:url(icons/lock.png) 4px no-repeat;
}
.avatar_img
{
padding:3px;
}
#login_container
{
background:url(blue.jpg) #006699;
    overflow: auto;
    width: 300px;

}
</style>
</head>
<body>
	
<div style='margin:0px auto;width:400px; text-align:center'>
<div id='login_container'>
<div id='login_box'>
<div id='img_box'><img src='http://www.gravatar.com/avatar/?d=mm' class='avatar_img'/></div>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" name="sform" id="sform" onSubmit="return checkForm(this)">
<input type="hidden" name="actType" value="check" />
<input type='text' id='username' name="myusername" class='input user'/> <br/>
<input type='password' id='password' name="mypassword" class='input passcode'/> <br/>
<input type='submit' value=' Login ' class='btn' />
<div style='clear:both'></div>
</form>
</div>
</div>

</div>
</body>
</html>
            </form>

        </div>


    </body>
</html>